IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

backend plugins: fix crashes in development mode

Browse Source 
Do not set or delete attributes directly on KerberosWSGIExecutioner, ldap2
and ra_lightweight_ca instances, as that raises an AttributeError in
development mode because of ReadOnly locking.

Use the usual workaround of `object.__setattr__` and `object.__delattr__`
to fix the issue.

https://pagure.io/freeipa/issue/6625

Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
This commit is contained in:
Jan Cholasta 2017-03-09 11:42:12 +00:00 committed by Martin Basti
parent 4514ec1505
commit 8fdd7a9ffc
3 changed files with 20 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ipaserver/plugins/dogtag.py
View File

@ -1289,7 +1289,7 @@ class RestClient(Backend):
cookies = ipapython.cookie.Cookie.parse(resp_headers.get('set-cookie', '')) cookies = ipapython.cookie.Cookie.parse(resp_headers.get('set-cookie', ''))
if status != 200 or len(cookies) == 0: if status != 200 or len(cookies) == 0:
raise errors.RemoteRetrieveError(reason=_('Failed to authenticate to CA REST API')) raise errors.RemoteRetrieveError(reason=_('Failed to authenticate to CA REST API'))
self.cookie = str(cookies[0]) object.__setattr__(self, 'cookie', str(cookies[0]))
return self return self
def __exit__(self, exc_type, exc_value, traceback): def __exit__(self, exc_type, exc_value, traceback):
@ -1302,7 +1302,7 @@ class RestClient(Backend):
client_keyfile=self.client_keyfile, client_keyfile=self.client_keyfile,
method='GET' method='GET'
) )
self.cookie = None object.__setattr__(self, 'cookie', None)
def _ssldo(self, method, path, headers=None, body=None, use_session=True): def _ssldo(self, method, path, headers=None, body=None, use_session=True):
""" """

28
ipaserver/plugins/ldap2.py
View File

@ -77,42 +77,42 @@ class ldap2(CrudBackend, LDAPClient):
LDAPClient.__init__(self, ldap_uri, LDAPClient.__init__(self, ldap_uri,
force_schema_updates=force_schema_updates) force_schema_updates=force_schema_updates)
self.__time_limit = float(LDAPClient.time_limit) self._time_limit = float(LDAPClient.time_limit)
self.__size_limit = int(LDAPClient.size_limit) self._size_limit = int(LDAPClient.size_limit)
@property @property
def time_limit(self): def time_limit(self):
if self.__time_limit is None: if self._time_limit is None:
return float(self.get_ipa_config().single_value.get( return float(self.get_ipa_config().single_value.get(
'ipasearchtimelimit', 2)) 'ipasearchtimelimit', 2))
return self.__time_limit return self._time_limit
@time_limit.setter @time_limit.setter
def time_limit(self, val): def time_limit(self, val):
if val is not None: if val is not None:
val = float(val) val = float(val)
self.__time_limit = val object.__setattr__(self, '_time_limit', val)
@time_limit.deleter @time_limit.deleter
def time_limit(self): def time_limit(self):
self.__time_limit = int(LDAPClient.size_limit) object.__setattr__(self, '_time_limit', int(LDAPClient.size_limit))
@property @property
def size_limit(self): def size_limit(self):
if self.__size_limit is None: if self._size_limit is None:
return int(self.get_ipa_config().single_value.get( return int(self.get_ipa_config().single_value.get(
'ipasearchrecordslimit', 0)) 'ipasearchrecordslimit', 0))
return self.__size_limit return self._size_limit
@size_limit.setter @size_limit.setter
def size_limit(self, val): def size_limit(self, val):
if val is not None: if val is not None:
val = int(val) val = int(val)
self.__size_limit = val object.__setattr__(self, '_size_limit', val)
@size_limit.deleter @size_limit.deleter
def size_limit(self): def size_limit(self):
self.__size_limit = float(LDAPClient.time_limit) object.__setattr__(self, '_size_limit', float(LDAPClient.time_limit))
def _connect(self): def _connect(self):
# Connectible.conn is a proxy to thread-local storage; # Connectible.conn is a proxy to thread-local storage;
@ -158,9 +158,9 @@ class ldap2(CrudBackend, LDAPClient):
cacert = paths.IPA_CA_CRT cacert = paths.IPA_CA_CRT
if time_limit is not _missing: if time_limit is not _missing:
self.time_limit = time_limit object.__setattr__(self, 'time_limit', time_limit)
if size_limit is not _missing: if size_limit is not _missing:
self.size_limit = size_limit object.__setattr__(self, 'size_limit', size_limit)
client = LDAPClient(self.ldap_uri, client = LDAPClient(self.ldap_uri,
force_schema_updates=self._force_schema_updates, force_schema_updates=self._force_schema_updates,
@ -219,8 +219,8 @@ class ldap2(CrudBackend, LDAPClient):
# ignore when trying to unbind multiple times # ignore when trying to unbind multiple times
pass pass
del self.time_limit object.__delattr__(self, 'time_limit')
del self.size_limit object.__delattr__(self, 'size_limit')
def get_ipa_config(self, attrs_list=None): def get_ipa_config(self, attrs_list=None):
"""Returns the IPA configuration entry (dn, entry_attrs).""" """Returns the IPA configuration entry (dn, entry_attrs)."""

6
ipaserver/rpcserver.py
View File

@ -628,8 +628,10 @@ class KerberosWSGIExecutioner(WSGIExecutioner, KerberosSession):
self.debug('KerberosWSGIExecutioner.__call__:') self.debug('KerberosWSGIExecutioner.__call__:')
user_ccache=environ.get('KRB5CCNAME') user_ccache=environ.get('KRB5CCNAME')
self.headers = [('Content-Type', object.__setattr__(
'%s; charset=utf-8' % self.content_type)] self, 'headers',
[('Content-Type', '%s; charset=utf-8' % self.content_type)]
)
if user_ccache is None: if user_ccache is None: